<html>
<head>
<title>The Exim FAQ Section 16</title>
</head>
<body bgcolor="#F8F8F8" text="#00005A" link="#FF6600" alink="#FF9933" vlink="#990000">
<h1>The Exim FAQ</h1>
<a href="FAQ.html#TOC">Contents</a>
<a href="FAQ_15.html">Previous</a>
<a href="FAQ_17.html">Next</a>
<hr><br>
<h2><a href="FAQ.html#TOC321">16. MODIFYING MESSAGE BODIES</a></h2>
<p>
<a name="TOC322" href="FAQ.html#TOC322">Q1601:</a> How can I add a disclaimer or an advertisement to a message?
</p>
<p>
<font color="#00BB00">A1601:</font> There are a number of technical and potential legal problems that arise
in connection with message modification. Some of them are listed below.
Some comment on the legal position of email disclaimers in English law
can be found at <a href="http://www.weblaw.co.uk/artemail.htm">http://www.weblaw.co.uk/artemail.htm</a>.
</p>
<p>
See also <a href="http://www.goldmark.org/jeff/stupid-disclaimers/">http://www.goldmark.org/jeff/stupid-disclaimers/</a>. There is
some discussion about the problems of actually adding disclaimers in
<a href="http://www.goldmark.org/jeff/stupid-disclaimers/apply.html">http://www.goldmark.org/jeff/stupid-disclaimers/apply.html</a>.
</p>
<p>
In many cases, email disclaimers will make your company look ridiculous,
at the very least. At worst, they may interfere with the normal
processing of mail.
</p>
<p>
If, despite these considerations, you still want to modify messages, you
can do so using Exim, but not directly in Exim itself. It is not the job
of an MTA to modify messages, something that requires understanding of
their content and format.
</p>
<p>
Exim provides a hook called a “transport filter” that lets you pass
any outgoing message through a program or script of your choice. It
is the job of this script to make any changes to the message that you
require. By this means, you have full control over what changes are
made, and Exim does not need to know anything about message bodies.
However, using a transport filter requires additional resources, and may
slow down mail delivery.
</p>
<p>
You can use Exim's routers to arrange for those messages that you want
to modify to be delivered via a transport filter. For example, suppose
you want to do this for messages from addresses in your domain that are
being delivered to a remote host. First you need to set up a special
<b>smtp</b> transport that uses a filter, like this:
</p>
<pre>
remote_smtp_filter:
driver = smtp
transport_filter = /your/filter/command</pre>
<p>
Then you need to modify the <b>dnslookup</b> router to use this transport
when the conditions are right:
</p>
<pre>
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = ${if eq {$sender_address_domain}{your.domain}\
{remote_smtp_filter}{remote_smtp}}
ignore_target_hosts = 127.0.0.0/8
no_more</pre>
<p>
This is the standard <b>dnslookup</b> router, but with a modified setting of
the <tt>transport</tt> option. When the sender address is in your domain, it
routes to the special transport instead of the standard one.
</p>
<p>
The entire message is passed to your filter command on its standard
input. It must write the modified version to the standard output, taking
care not to break the RFC 2822 syntax. The command is run as the Exim
user.
</p>
<p>
There are a number of potential problems in doing this kind of
modification in an MTA. Many people believe that to attempt is it wrong,
because:
</p>
<p>
1. It breaks digital signatures, which are becoming legally binding
in some countries. It may well also break encryption.
</p>
<p>
2. It is likely to break MIME encoding, that is, it is likely to wreck
attachments, unless great care is taken. And what about the case of a
message containing only binary MIME parts?
</p>
<p>
3. It is illegal under German and Dutch law to change the body of
a mail message in transit. It might potentially be illegal in
the UK under European law. This consideration applies to ISPs and
other “common carriers”. It would presumably not apply in a corporate
environment where modification was done only to messages originating
from the employees, before they left the company's network. It might
also not apply if the senders have explicitly given their consent
(e.g. agreed to have advertisements added to their incoming mail).
</p>
<p>
4. Since the delivered message body was produced by the MTA (not the
originator, because it was modified), the MTA operator could
potentially be sued for any content. This again applies to `common
carrier' MTAs. It's interesting that adding a disclaimer of liability
could be making you liable for the message, but this case seems
more likely to involve adding advertisements than disclaimers. After
all, no postal service in the world opens all the mail it carries to
add disclaimers.
</p>
<p>
5. Some mail clients (old versions of MS outlook) crash if the message
body of an incoming MIME message has been tampered with.
</p>
<p>
There are also potential problems that could arise if a scheme to add
disclaimers goes wrong for some messages:
</p>
<p>
1. False negatives: `Ah, this guy usually says he does not represent
their views, but in this message he doesn't have the disclaimer'.
</p>
<p>
2. False positives: `This official announcement does not represent our
views, oh no'.
</p>
<p>
An alternative approach to the disclaimer problem would be to insist
that all relevant messages have the disclaimer appended by the MUA. The
MTA should refuse to accept any that do not. Again, however, the MTA
must understand the format of messages in order to do this. Simply
checking for appropriate wording at the end of the body is not good
enough. It would probably be necessary to run a Perl script from within
an Exim system filter, or write a <i>local_scan()</i> function in order
to adopt this approach.
</p>
<p>
Finally, it's a trivial matter to add customized headers of the sort:
</p>
<pre>
X-Disclaimer: This is a standard disclaimer that says that the views
X-Disclaimer: contained within this message are somebody else's.</pre>
<p>
which is a much easier alternative to modifying message bodies.
</p>
<p>
<a name="TOC323" href="FAQ.html#TOC323">Q1602:</a> How can I remove attachments from messages?
</p>
<p>
<font color="#00BB00">A1602:</font> The answer to this is essentially the same as for <a href="FAQ_16.html#TOC322">Q1601</a>.
</p>
<hr><br>
<a href="FAQ.html#TOC">Contents</a>
<a href="FAQ_15.html">Previous</a>
<a href="FAQ_17.html">Next</a>
</body>
</html>
